Many ways to secure email delivery. One of them is use TLS connection/encrypted when sending email. The encryption connection will make connection between email server more secure. This guidance will explain step by step how to check smtp outgoing already use encryption or not.
# Checking Header
Please try to send email to Gmail or Yahoo and check in the header email. The following is example header email at Gmail.
Return-Path: <xxxxx@xxxxxxxxx> Received: from xxxxxx.excellent.co.id (xxxxxxx.xxxxxxxx.xxx. [139.xxx.xxx.xxx]) by mx.google.com with ESMTPS id h85si6267366oib.24.2016.02.12.18.05.28 for <firstname.lastname@example.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Feb 2016 18:05:29 -0800 (PST)
In the header, we get information about version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128. It’s mean, your smtp outgoing already use encryption/TLS connection.
# Checking Show details on Gmail
If you see encryption: Standard (TLS) on Show details, your SMTP outgoing already use encryption.
# Checking via http://www.checktls.com/
Please open the following link : http://www.checktls.com/perl/TestSender.pl and click on Start Test. Follow the intruction that given with send email to test@TestSender.CheckTLS.com with subject passcode. You will receive reply about your outgoing connection whether has been used encryption or not.
# Activate SMTP Outgoing Encryption/TLS
If your SMTP outgoing not yet use encryption/TLS, please try this configuration to achieve it.
The following guidance is for Engine Postfix. Please open main.cf and make sure the configuration like follow
smtp_use_tls = yes smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may
The following guidance is for Zimbra Postfix. By default, Zimbra 8.5 and latest already use encryption. If you are use Zimbra 8.0.x or below, please try this command and restart Zimbra.
zmlocalconfig -e postfix_smtp_tls_security_level=may
Good luck and hopefully useful 😀